In a data processing system, different devices may communicate with each other using one or more data transmission protocols. Certain protocols support multi-homing. Multi-homing allows a device to have more than one Internet Protocol (IP) address. One such protocol that supports multi-homing is the Stream Control Transmission Protocol (SCTP). SCTP is an IP transport protocol, which operates at an equivalent level to the User Datagram Protocol (UDP) and the Transmission Control Protocol (TCP), which currently provide transport layer functions for many of the main Internet applications. SCTP may be used in various different types of applications, including certain mobile and wireless applications, Signaling System 7 (SS7) applications, or Voice-Over-IP (VoIP) applications. In applications like these, it may be desirable or even necessary, on occasions, for a device to use more than one IP address during the course of a communication association with another device.
Since SCTP traffic is typically transported through the Internet, it can potentially be attacked by hackers. Standard SCTP may utilize TCP-based inspection techniques. TCP-based inspection establishes associations based on a five-tuple, which is specified as follows: <protocol number, source IP, source port, destination IP, destination port>. One or more network devices within the system, such as firewalls, may maintain a state table that stores state information about associations using the five-tuple data structure. Devices that implement SCTP, however, can have multiple IP addresses. For an SCTP message sent by a device, the major IP address of that device is typically stored in the IP header of the message, while the additional IP addresses may be stored inside SCTP application data of the message. When the five-tuple data structure is used, however, only the major IP addresses included within SCTP messages are monitored. Consequently, SCTP traffic using multiple IP addresses may not be handled correctly by existing firewalls when a device switches its identity from one IP address to another.
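The failure mode described above can be reproduced with a small model of a firewall state table. This is an added example, not code from the original text: the class names, the sample addresses and ports, and the address-set table shown for contrast are assumptions, and the additional address is passed in directly rather than parsed from a message.

```python
SCTP = 132  # IANA-assigned IP protocol number for SCTP

class FiveTupleTable:
    """State keyed on <protocol, src IP, src port, dst IP, dst port>."""
    def __init__(self):
        self.entries = set()

    def establish(self, proto, src_ip, sport, dst_ip, dport):
        self.entries.add((proto, src_ip, sport, dst_ip, dport))
        self.entries.add((proto, dst_ip, dport, src_ip, sport))  # reply direction

    def permits(self, proto, src_ip, sport, dst_ip, dport):
        return (proto, src_ip, sport, dst_ip, dport) in self.entries

class AddressSetTable:
    """Assumed alternative: state keyed on ports plus each endpoint's address set."""
    def __init__(self):
        self.assocs = []

    def establish(self, a_addrs, a_port, b_addrs, b_port):
        self.assocs.append(((frozenset(a_addrs), a_port), (frozenset(b_addrs), b_port)))

    def permits(self, proto, src_ip, sport, dst_ip, dport):
        if proto != SCTP:
            return False
        for a, b in self.assocs:
            for (s_addrs, s_port), (d_addrs, d_port) in ((a, b), (b, a)):
                if (src_ip in s_addrs and sport == s_port
                        and dst_ip in d_addrs and dport == d_port):
                    return True
        return False

def evaluate():
    # Constructed sample (documentation address ranges, arbitrary ports).
    major, extra, peer = "192.0.2.10", "198.51.100.10", "203.0.113.5"
    stranger = "198.51.100.99"
    ft, at = FiveTupleTable(), AddressSetTable()
    ft.establish(SCTP, major, 5000, peer, 6000)       # sees only the IP header address
    at.establish([major, extra], 5000, [peer], 6000)  # also records the announced address
    packets = {"major": major, "switched": extra, "unrelated": stranger}
    return {name: (ft.permits(SCTP, src, 5000, peer, 6000),
                   at.permits(SCTP, src, 5000, peer, 6000))
            for name, src in packets.items()}

if __name__ == "__main__":
    for name, (five_tuple, addr_set) in evaluate().items():
        print(f"{name:10} five-tuple={five_tuple!s:5} address-set={addr_set}")
```

The five-tuple table rejects the packet sent from the additional address even though it belongs to the same association, while both tables reject the unrelated source.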